342 Open source projects that are alternatives of or similar to iTunes_Backup_Reader

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Trace ScriptBlock execution for powershell v2

An Incident Response tool to extract console command history and screen output buffer

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

Collaborative forensic timeline analysis

Automation and Scaling of Digital Forensics Tools

Event Trace Log file parser in pure Python

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

Minimalistic DNS logging tool

A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

incident response scripts

Dumps all of the Key/Value pairs from a LevelDB database

Python script to decode common encoded PowerShell scripts

PowerShell module for Office 365 and Azure log collection

#ThreatHunting #DFIR #Malware #Detection Mind Maps

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

macOS Artifact Parsing Tool

Automagically extract forensic timeline from volatile memory dump

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

Query and report user logons relations from MS Windows Security Events

Timeline of Active Directory changes with replication metadata

Provides various Windows Server Active Directory (AD) security-focused reports.

Live system forensic collector

Educational, CTF-styled labs for individuals interested in Memory Forensics

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)

Everything related to Linux Forensics

Truehunter

A tool for forensic file system reconstruction.

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Web browser forensics for Google Chrome/Chromium

System Management RAM analysis tool

Invoke-LiveResponse

A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

Carve file metadata from NTFS index ($I30) attributes

LIFARS Networking Security GNU/Linux distro

Validate iTunes Transaction and Unified style receipts with local decoding and remote validation.

Set of Yara rules for finding files using magics headers

The entire walkthrough of all my resolved TryHackMe rooms

Forensics triage tool relying on Volatility and Foremost

📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server

Screensaver inspired by Apple’s inbuilt iTunes Screensaver. It can display Artwork by Spotify or last.fm Profile Data.

A simple, lightweight and secure Valheim Dedicated Server docker image with Kubernetes Helm chart support.

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

Paragon APFS SDK Free

Containerized EverQuest Emulator Server Environment

SQLite queries

Recover files using lists of blocks hashes, bypassing the File System entirely

No description or website provided.

Analyst Unknown Cyber Range - a micro web service framework

A collection of scripts that make spending time on the web easy.

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

Documentation for Zeek

An alternative scrobbler for iTunes and Music on macOS 10.12 or higher

The scalable, auditable and high-performance tamper-evident log project

No description or website provided.

Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.